Dropbox Introduces 2-Factor Authentication

Try this: <a href="https://www.dropbox.com/try_twofactor" rel="nofollow">https://www.dropbox.com/try_twofactor</a><p>Although tray login still logs you in without the need to enter password or the code.

More details: <a href="https://www.dropbox.com/help/363/en" rel="nofollow">https://www.dropbox.com/help/363/en</a><p>It looks like they support any app that uses the TOTP protocol, so google authenticator, among others, works with this seamlessly.

I'm glad they didn't invent their own mechanism but used standard OTP tokens, so you can just add them to apps like Google Authenticator.

I don't see any mention of 2-factor auth on the linked page. Maybe they're rolling it out in stages?

I upgraded my account, and now the desktop client is not letting me login, saying I need the latest client. I downloaded that and it still gives me the same error..

Does anyone know where I can download the latest Linux binary that support 2 factor authentication? I tried downloading the linux version, but it keeps on saying "this account uses two-step verification. To link to it, please download the latest version of Dropbox from www.dropbox.com/download". Maybe there is no new linux client, not sure.

Well done. I wish more sites would move to using standard OTP protocols. I hate having to carry around and use a separate dongle for each company that provides two factor authentication.

Great, now only if they actually encrypted my files.

If you want to get the most out of this, use a hardware token generator instead of a phone or computer. Example: <a href="http://hackaday.com/2012/07/11/time-based-one-time-passwords-with-an-arduino/" rel="nofollow">http://hackaday.com/2012/07/11/time-based-one-time-passwords...</a> <a href="http://lab.infoserver.com.br/wiki/index.php/Projects:arduino-oath-token#Arduino_OATH_Token" rel="nofollow">http://lab.infoserver.com.br/wiki/index.php/Projects:arduino...</a>

Carrying a set of backup codes when travelling, generating a code for each app that is linked to your account...these things make two way authentication seem very inconvenient. I went with converting my gmail account to use two way authentication but after being informed to remember to carry a set of 10 backup codes when I am going to be without my phone, was a turn off and I reverted to my old settings.

Hmm, but I can still simply open someone's Dropbox folder locally if they forgot to logoff/switch on their computer...

My security codes aren't working (invalid). Using Google Authenticator.<p>Anyone else have this issue?

Yeay, now I can have a really secure login to my insecure files?

Two-Factor authentication sucks. It's too hard for users. Most people will never us it. Dropbox should consider using Rublon (yes, that's my startup): <a href="https://rublon.com" rel="nofollow">https://rublon.com</a><p>7 reasons why you should add Rublon to your website: <a href="http://blog.rublon.com/2012/why-add-rublon/" rel="nofollow">http://blog.rublon.com/2012/why-add-rublon/</a>